SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 44

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 45

changes.mady.by.user Dhruv Mohindra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

External programs can be invoked from Java code using the exec() method of the java.lang.Runtime class. The exec() method returns an object of a subclass of the abstract class java.lang.Process. The exitValue() method can be used to observe the return value of the process. This recommendation discusses several issues resulting from the improper use of the exec() method. Similarly the ProcessBuilder.start() method is also prone to misuse.

Noncompliant Code Example

...

TODO

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.GROOVY-3275

References

Wiki Markup
\[[API 06|AA. Java References#API 06]\] method [exec()|http://java.sun.com/javase/6/docs/api/java/lang/Runtime.html#exec(java.lang.String)]
\[[Daconta 00|AA. Java References#Daconta 00]\]
\[[Daconta 03|AA. Java References#Daconta 03]\] Pitfall 1

...